Binance has raised the alarm about an ongoing malware threat. According to the exchange, the malware, known as "Clipper," targets users' addresses, altering them and eventually culminating in massive losses for unsuspecting victims.
Clipper alters users' addresses by changing their clipboard data to the attacker’s address during copy-and-paste actions. Hence, once a transaction is elicited without checking to confirm the destination, it ends up in the attackers' wallet address.
Describing the malware, Binance's statement on its official website read in part: “The issue has seen a notable spike in activity, particularly on August 27, 2024, leading to significant financial losses for affected users.”
Interestingly, the malicious entities gain access to users' devices, particularly Android users via unauthorized apps and plugins. While the malware seems to attack only Android devices, Binance warned that iOS users remain meticulous. Affected individuals are renowned for seeking software in their native languages or unofficial channels, following regional restrictions.
Binance Assures Customers on Measures to Repel the Malware Attacks
In the released statement, Binance assured victims of its security team's efforts to curb the malicious attacks. According to the trading platform, it has blacklisted malicious addresses, preventing further transfers to the attackers.
In addition, Binance has reached affected users, informing them about the malware and the need to check their devices for potential harbors of the malicious component. The exchange has also requested incidental reporting from victims as its security team intensifies its monitoring actions on users' security threats.
Advice for Users to Remain Safe
The concluding part of Binance’s report contained steps for mitigating the malware attacks. Binance highlighted routine activities such as verifying the authenticity of apps and plugins and double-checking addresses before eliciting transfers.
Other important precautions include remaining updated to know what is happening and installing competent security software that can help detect unusual components that could pose security threats.